
I've never even heard of anti-forensics. And just because I haven't heard of that, among other reasons, I'd be interested in seeing the final result of your paper if you're willing to share it. Sorry I can't help you with your paper though.

I'm not sure if this is an antiforensics tool, but I've used various hard drive wiping utilities that go further than a simple format. I've heard of drive washing, but I have this other boot disk at work that I've used exclusively. I can't remember the name. If you really want to know, message me and I'll tell you tomorrow. I usually use it before we return any leased systems or do any type of donations. The only problem with it is that it takes a hell of a long time to format.

As far as other tools I use to discourage digital evidence or access to important critical information, I have a media destroyer/paper shredder. Before I throw CDs/DVDs away, I make sure I destroy them. Not sure if this is considered antiforensics, but I can see how it would be a barrier against people trying to steal any type of data.

1. I have a working computer which I use, then delete evidence of what I did.
2. I want to wipe everything off a hard drive and that retained in the RAM sticks.

I think that your question is about #1... so you still have a working computer, but it retains no trace that can be discovered by using computer applications, and leaving the device fully functional?

For example, tools like Darik's Boot and Nuke will clean a machine for redistribution, but you will trash everything in the process. You would need to install an operating system etc. to get it to work afterwards.

If you need a more subtle solution, you first need to find where program accessible data are stored?

Anything that will disrupt the validity of the data will work as anti forensics.

Encryption, secure deletion, anonymisers.

I think you need to be more specific.

I ask you guys for your opinion on a broad open topic and you still want more specific details. lol. Encryption, secure deletion, anonymisers, these all are great. And I might even throw the sledge hammer into my paper.

My paper covers specific information about what anti-forensics is, how it can be used, and specific anti-forensics tools. I am working with a partner for this paper who is supposed to cover the first two things, and I am just supposed to write about tools. So you have a broad spectrum of opportunity to explore your favorites list, any books you might have read, and even your common knowledge to provide input to the discussion. No Parameters! As long as it's something anti-forensics.

Disk wiping to the point of no return, encryption, scripts, booby traps such as the Alias command in Linux to have "ls" really delete something. Whatever.

I have a practical question. Since most people wanting to hide evidence may not have a lot of time to act, what attention has been paid to the idea of destroying the evidence while the cops are beating the door down? You know, like in old gangster movies, bookies working in the back room of the pool hall using paper that will instantly burn when touched with a lighted cigarette?